First published: Sun Jul 25 2021(Updated: )
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the line name (stored).
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Nchsoftware Axon Pbx | <=2.22 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this cross-site scripting (XSS) vulnerability is CVE-2021-37454.
CVE-2021-37454 has a severity rating of medium with a CVSS score of 5.4.
The cross-site scripting (XSS) vulnerability in NCH Axon PBX v2.22 and earlier occurs through the line name (stored).
To fix the cross-site scripting (XSS) vulnerability in NCH Axon PBX v2.22 and earlier, update to a version later than v2.22.
Yes, you can find more information about CVE-2021-37454 at the following references: [link_1] [link_2]